NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
where improper access controls may allow a user to access arbitrary physical memory, leading to an escalation of privileges.
CVSS Base Score: 8.8
CVSS Temporal Score: 7.7
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
ID 0x600000E, 0x600000F, and 0x6000010 where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
where the size of an input buffer is not validated leading to a denial of service or possible escalation of privileges.
CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
where improper access controls allow a regular user to write a part of the registry intended for privileged users only, leading to escalation of privileges.
CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
) handler for DxgkDdiEscape
where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
CVSS Base Score: 8.8
CVSS Temporal Score: 7.9
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys
for Windows or nvidia.ko
for Linux) where a user can cause a GPU interrupt storm, leading to a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: 5.9
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C
NVIDIAβs risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a local security or IT professional to evaluate the risk of your specific configuration. NVIDIA doesnβt know of any exploits to these issues at this time.